Russian hybrid warfare is a reality that NATO and its member states are rapidly having to recognise. The intrinsic misunderstanding that exists between Russia and NATO, as well as Putin’s predilection for brinksmanship, heightens the probability that Russia might intensify its current posturing. Such an escalation would likely involve engaging a NATO member within Russia’s former sphere of influence, most likely a Baltic nation, by employing cyber disruption to generate instability and keep the target state vulnerable.
With a large portion of Russia’s attention centred on Ukraine since 2014, cyberspace in the Baltics has been relatively calm. Russian intrusions have been limited to pro-Russian trolling, cyber espionage and some cases of distributed denial-of-service (DDoS) attacks. As Russian attention has now firmly turned to the Baltics following NATO’s roll-out of its Enhanced Forward Plan in the region, it is critical that the alliance is prepared for the form of hybrid warfare that may ensue there.
THE GROWING PREVALENCE OF LARGE-SCALE RUSSIAN CYBER-ATTACKS
The destructive hacks of Ukrainian power stations in December 2015 and December 2016 represent a significant upsurge in the number of large-scale and complex cyber-attacks the country has endured. While it has not been definitively proven that Russia committed the attacks – definitive proof hardly ever exists as cyber-attacks are almost impossible to attribute to a state – the revelations that the Russian-linked Sandworm hacking group was involved points to the likelihood of Russian state involvement. This upsurge in cyber-attacks represents an escalation of Russian cyber disruption from computer network exploitation (CNE), otherwise known as cyber espionage, to computer network attacks (CNA), otherwise known as offensive cyber operations.
The increasing prevalence of Russian CNA is exacerbated by conditions in the Baltics that make them highly conducive to offensive cyber operations. The Baltics is a theatre in which Moscow will aim to employ increasingly stark threat signalling to NATO in an attempt to coerce it into abandoning its Enhanced Forward Presence Plan. This generates a greater role for cyber-attacks in Russian strategy. The Baltics also offer incredibly lucrative targets for CNA. Estonia is the most digitally-connected – and hence digitally-dependent – country on Earth. Estonians can vote in elections from their living room, fill in their tax return online in a couple of minutes, and sign legally-binding contracts over the internet, among many other available services.
Further pointing to the likelihood of Russia engaging in CNA in the Baltics are the revelations that emerged in 2016 concerning the plans of Russia’s Federal Security Service (FSB) to vastly strengthen its offensive cyber capabilities through annual investments of US$250 million. Particular attention will be expended on “the development and delivery of malicious programs which have the ability to destroy the command and control systems of enemy armed forces, as well as elements of critical infrastructure, including the banking system, power supply and airports of an opponent.”
RUSSIAN CNA: PUTIN’S SHORT AND LONG-GAME STRATEGIES
There are two apparent paths that Russia’s escalation from CNE to CNA could take. First is the above-mentioned strategy of localised instability. This would entail cyber disruption ranging from frequent DDoS attacks to assaults on critical infrastructure. Moscow would aim to keep the target nation, or region, unstable enough that it is unable to repel or withstand Russian ‘active measures’ as part of Russia’s push to entrench a favourable political status quo.
The availability of this strategy for Moscow is dependent on the Russian-NATO standoff in the Baltics remaining at a level that is conducive (for Russia) to a long-game strategy like localised instability. If, on the other hand, tensions keep escalating, Russia will likely take direct action to immediately improve the unfavourable status quo in the short-term.
A prime vehicle through which Russia could achieve such an immediate revision of the status quo would be the deployment of ‘little green men’ to the Baltics. This eventuality is not necessarily improbable. Putin is renowned as being more of an opportunist than a strategist; his strength lies in seeing openings and deploying the appropriate tactics to take full advantage of a given situation. As such, he is inherently more in tune with short-game strategies like the deployment of ‘little green men’. Furthermore, with the March 2018 Russian presidential election looming, and with the domestic prestige gained from the Crimea occupation waning, Putin will be looking for a channel through which he can bolster his standing at home.
THE NEXUS OF KINETIC AND CYBER OPERATIONS
The crucial prerequisite step before the deployment of ‘little green men’ is broadening the scope of Russia’s CNA from only the Baltics to NATO as a whole. Prevailing Russian hybrid warfare doctrine dictates that the deployment of kinetic or traditional military operations should only occur after an information campaign has sufficiently prepped the battlefield. This involves significantly disrupting adversaries’ intelligence flows and severely undermining their trust in their digitally-reliant institutions. Only once sufficient ‘fog of war’ has been established should kinetic operations be employed.
Such kinetic operations may not even have to be overtly offensive. The Russian enclave of Kaliningrad presents geopolitical parallels to the Danzig corridor situation Hitler exploited to invade Poland. The railway connecting Kaliningrad to Russia bisects Lithuania before extending through Russian-allied Belarus and then on to Russia. If the above-mentioned ‘fog of war’ had been established – whereby the information being received by NATO from the Baltics has either been limited or twisted by Russian CNA operations – it could, for instance, provide Russia with the opportunity to portray a derailed Russian train as a case of Lithuanian sabotage. This would be presented as justification for sending in troops to secure the situation.
The fluidity or rapidity with which such a situation can materialise and escalate is the new reality that NATO is increasingly coming to grips with as relations with Russia over Eastern Europe deteriorate.